Exploit: Hacking
The U.S. Drug Enforcement Agency (DEA): Federal Government Agency
Risk to Business: 1.763 = Severe
Officials are investigating a potential breach that could allow bad actors to access key systems used by law enforcement agencies in the U.S. A tip pointed officials to information that the LAPSUS$ hacking group may have gained access to the esp.usdoj.gov data portal, the Law Enforcement Inquiry and Alerts (LEIA) system, the U.S. Drug Enforcement Agency (DEA)’s El Paso Intelligence Center (EPIC) and other DEA systems. That unauthorized access may be used by cybercriminals in myriad ways including for impersonation efforts and doxing, as well as affording the bad guys the opportunity to search databases and to obtain sensitive data.
Individual Impact:
No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business: This kind of access and information in the wrong hands could be beneficial to cybercriminals including nation-state actors.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
